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AMENDMENTS TO THE CLAIMS 

The following listing of claims replaces all prior versions and listings of claims in the 

application. 

1 . (Currently Amended) A controlled multicast system, comprising: 
including an Ethernet switch [[and]]; 
a multicast router, 
winem wherein: 

the Ethernet switch connects with each of a plurality of hosts in a downlink, and 
connects with tlie muhicast router in an uplink, 

the multicast router connects with a multicast router of other systems in the 

uplink, 

the Ethernet switch implementing multicast exchange of a layer 2, and 

an IGMP V2 protocol is adopted as group management protocol between the 
Ethernet switch and the host; 

wherein the controlled multicast system further comprises: 

a portal server, connecting with the multicast router and providing an 
interface of user access authentication; [[and]] 

an authentication server, storing configuration of privilege for the host 
which wants to join in the multicast group; 
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wherein: 

the multicast router and the authentication server adopting are 
configured to adopt a Client-server structure by which the authentication server 
authenticates identification of the host to join in a multicast group with 
information inputted through the interface provided by the portal server, and 

the muhicast router records a User ID and a vlan ID corresponding to the 
User ID of the authenticated host and then distributes control commands 
according to results of the authentication to control multicast forwarding 
operations of the Ethernet switch. 

2. (Currently Amended) The controlled multicast system according to claim 1, wherein 
a RADIUS+ protocol extended from aft RADIUS (Remote Authentication Dial In User Service) 
protocol is adopted as communication protocol between the multicast router and the 
authentication server. 

3. (Currently Amended) The controlled multicast system according to claim 1, wherein 
the authentication server is an AAA (authorization and Authorization And Authentication) 
server. 
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4. (Currently Amended) The controlled multicast system according to claim 1, wherein; 

configuration of privilege comprises a corresponding relation between the User 
ID of the host and an address of multicast group in which the host wants to join; 

the information inputted through the interface provided by the portal server 
comprises the User ID and a password; 

each port through which the host is connected to the Ethernet switch is a vlan 

port; 

whoroin the authentication server in the system fiirther for, after receiving an 
extended RADIUS authentication message fi'om the multicast router, of which attributes 
include the User ID as the user name and the address of multicast group in which the host 
wants to join, detecting whether to accept the host joining in the multicast group based on 
the configuration of privilege; 

responding with an acceptance message to the multicast router if the host has 
suitable privilege, otherwise returning a reject message; 

wh e r e in the multicast router in the system is fiirther configured for, after 
receiving an IGMP Membership Report message from the Ethemet switch, according to 

the vlan ID in the message, searching the corresponding User ID in a multicast access 
privilege table of the multicast router, and then sending the said extended RADIUS 
authentication message, to the authentication server; 

after receiving the acceptance message from the authentication server, writing the 
address of the multicast group in which the host can join into the said multicast access 
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privilege table, and implementing a routine disposal on join messages of the host, then 
generating a Join message, which comprises the vlan ID corresponding to the port that 
links with the host which wants to join in the multicast group, the address of the multicast 
group that is applied for, and a Join command field, and then transmitting to the Ethernet 
switch; moreover, completing a routine processing of creating multicast forwarding tree 
on the IGMP Membership Report message; doing nothing after receiving the reject 
message; 

the Ethernet switch is further configured for[[,]] forwarding the IGMP 
Membership Report message fi-om the host, wh e r e in the IGMP Membership Report 
message being forwarded to the multicast router port carries with the vlan ID of the host; 

after receiving the Join message from the multicast router, searching the MAC 
address corresponding to the address of the multicast group in the forwarding table; if the 
entry corresponding with the MAC address is found, obtaining the port number of the 
host via searching tin the forwarding table with the vlan ID in the Join message, and then 
adding the port number into the said entry; if nothing is found, adding an entry in the 
forwarding table, which comprises the MAC address corresponding to the multicast 
address, the port number of the host which applies to join in the multicast group, and the 
port number of the multicast router connected with the Ethernet switch; and 

after receiving a multicast fiow from the multicast router, forwarding it to ports of 
the Ethernet switch with the current forwarding table. 

5. (Currently Amended) The controlled multicast system according to claim 1, wherein; 
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the multicast router in the system is further configured for[[,]]i 

after receiving an IGMP Leave message[[,]]: 

extracting the vlan ID from the message, and 

obtaining corresponding entry in the multicast access privilege 
table via searching with the vlan ID, 

then deleting the address of the multicast group indicated by the 
IGMP Leave message in the entry; 

after completing a routine disposal on leave messages of the host, 
generating a Leave message and sending to the Ethernet switch, which includes 
the vlan ID of the host which wants to leave the multicast group, the address of 
multicast group where the host wants to leave and a Leave command field; and 

the Ethernet switch fiirther configured for[[,]]; 

after receiving the Leave message from the multicast router, obtaining the 

entry through looking up the forwarding table with the MAC address 
corresponding to the multicast address of the multicast group, and 

getting the port number of the host with the vlan ID in the Leave message, 
and then deleting the said port number from said entry. 



6. (Currently Amended) The controlled multicast system according to claim 1, wherein 
the multicast router in the system is fiirther configured for[[,]]i 
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after knowing offline status of the host, actively generating the Leave message 

and sending to the Ethernet switch; and 

moreover terminating the multicast flow transmission. 



7. (Currently Amended) A method for impl e m e nt implementing a controlled multicast. 

comprising: 

A. in advance, according to ports of an Ethernet switch, classifying vlan with 
one vlan for each port, and linking one port to the host; 

making access authentication for a host which wants to join in a multicast group, 
if the authentication is successful, executing step B, otherwise ending; 

B. forwarding an IGMP Membership Report message from the host by the 
Ethernet switch; 

C. detecting whether to accept the host joining in the multicast group, if it is, 
generating a Join message to control establishing of an entry in a forwarding table of the 
Ethernet switch by a multicast router, and forwarding a multicast flow from the multicast 
router according to the current forwarding table by the Ethemet switch; otherwise ending. 



8. (Currently Amended) The method for implementing a controlled multicast according 
to claim 7, for the host which wants to leave the multicast group, the method further 
comprising[[,]]; 
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forwarding an IGMP Leave message from the host by the Ethemet switch; and 

generating a Leave message to control deleting the entry of the host in the 
forwarding table after the multicast router receives the IGMP Leave message. 



9. (Currently Amended) The method for implementing a confroUed multicast according 

to claim 7, further comprising[[,]]i 

actively generating the Leave message to confrol deleting the entry of the host in 
the forwarding table by the multicast router once knowing offline status of the host[[,]]; 
and 

terminating the multicast flow fransmission. 



10. (Currently Amended) The method for implementing a confroUed multicast 
according to claim 7, wherein: 

in step A, the said step of making access authentication for a host which wants to 
join in the multicast group comprises[[,]]i 

in advance, storing configuration of privilege for hosts which want to join 

in the multicast group in an authentication server that connects with the multicast 
router, wherein the configuration of privilege includes a corresponding relation 
between a User ID of the host and an address of multicast group in which the host 
wants to join; 
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inputting information including the User ID and a password through an 
interface provided by a portal server, and authenticating identification of the host 
with the information by the authentication server; and 

recording the User ID of the host and a corresponding vlan ID of the host 
in a multicast access privilege table by the multicast router after the authentication 
is successfiil; 

the step B ftirther comprises[[,]]i 

if the port corresponding to the destination MAC address in the IGMP 
Membership Report message is found in the forwarding table, forwarding to the 
found port, otherwise forwarding to all ports[[;]]i 

wherein the IGMP Membership Report message forwarded to the 
multicast router port carries with vlan ID of the host; and 

the step C further comprises, 

C 1 . after multicast router receives the IGMP Membership Report 
message, searching the User ID of the host in the multicast access privilege table 
based on the vlan ID in the IGMP Membership Report message; then sending an 
extended RADIUS authentication message which includes the User ID just found 
as the user name and the address of multicast group in which the host wants to 
join as the name and the address of multicast group in which the host wants to 
join as the attribute, to the authentication server; detecting whether to accept the 
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host joining in the multicast group by the authentication server according to the 

configuration of privilege; 

if the host has suitable privilege, responding with an acceptance message 
to the multicast router by the authentication server, and then executing step C2, 
otherwise returning a reject message; 

the multicast router does nothing and ends after receiving the reject 
message; 

C2. after the multicast router receives the acceptance message, writing 
the address of the multicast group in which the host can join into the said 
multicast access privilege table, and implementing a routine disposal on join 
messages of the host, then generating a Join message, which comprises the vlan 
ID corresponding to the port that links with the host which wants to join in the 
multicast group, the address of the multicast group that is applied for, and a Join 
command field, and then transmitting to the Ethernet switch; 

moreover, completing a routing processing of creating multicast 
forwarding tree on the IGMP Membership Report message; 

C3. searching the MAC address corresponding to the address of the 
multicast group in the forwarding table by the Ethernet switch; 

if the entry corresponding with the MAC address is found, obtaining the 
port number of the host via the vlan Id IN THE Join message, and then adding the 
port number into the said entry; 



Page 10 of 22 



Serial No. : 1 0/502,543 Attorney Docket: 568 1 5 .0200 

if nothing is found, adding an entry in the forwarding table, which 
comprises the MAC address corresponding to the multicast address, the port 
number of the host which applies to join in the multicast group, and the port 
number o the multicast router connected with the Ethernet switch; and 

C4. sending only one copy of the multicast flow to the Ethernet switch 
by the multicast router. 

1 1 . (Currently Amended) The method for implementing a controlled multicast 
according to claim 8, wherein: 

the step of forwarding an IGMP Leave message from the host frirther 
comprises[[,]] forwarding the IGMP Leave message from the host based on the current 
forwarding table; 

wh e r e in the IGMP Leave message forwarded to the multicast router carries with 
the vlan ID of the host; 

the step of generating a Leave message to confrol deleting the entry of the host in 
the forwarding table fiirther comprises[[,]]i 

after the multicast router receives the IGMP Leave message, exfracting the 
vlan ID from the message, and obtaining corresponding entry via searching in the 
multicast access privilege table with the vlan ID, then deleting the address of the 
multicast group indicated by the IGMP Leave message in the entry of the 
multicast access privilege table; 
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completing a routine disposal on leave messages of the host, and then 
generating a Leave message and sending to the Ethernet switch, which includes 
the vlan ID of the host which wants to leave the group, the address of multicast 
group where the host wants to leave and a Leave command field; and 

after the Ethernet switch receives the Leave message, obtaining the entry 
through looking up the forwarding table with the MAC address corresponding to 
the multicast address of the multicast group, and getting the port number of the 
host with the vlan ID in the Leave message, and then deleting the said port 
number from the said entry. 



12. (Currently Amended) The method for implementing a controlled multicast 
according to Claim 11, the step of generating a Leave message to control deleting the entry of 
the host in the forwarding table further comprises[[,]]i if the deleted port is the solely port of the 
said entry in the forwarding table, further deleting the whole entry. 



13. (Currently Amended) The method for implementing a controlled multicast 
according to Claim 7 , further comprising: 

during the messages forwarding, adopting a vlan protocol between the multicast 
router port and the Ethernet switch. 
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14. (Currently Amended) The method for implementing a controlled multicast 
according to claim 7, the method further comprises[[,]]: 

filtering data messages send by a multicast sender with a multicast Access 
Control List (ACL) through the first receiver among the multicast routers[[,]]i and 

forwarding the data messages that satisfy the requirements in the ACL to the 
multicast tree. 

15. (Currently Amended) The method for implementing a controlled multicast 
according to claim 14, wherein the multicast ACL comprises a command word, a source address^ 
and a group address. 

16. (Currently Amended) The method for implementing a controlled multicast 
according to claim 14, wherein: 

the multicast ACL is distributed to each multicast router by a centralized 
multicast service control server; and 

moanwhilo the multicast service control server is also acts as the authentication 

server. 



Page 13 of 22 



Serial No. : 1 0/502,543 Attorney Docket: 568 1 5 .0200 

17. (Previously Presented) The method for implementing a controlled multicast 
according to claim 14, wherein the multicast ACL can also be distributed by a centralized policy 
server or a network manager. 



18. (New) A method for implementing a controlled multicast, comprising: 

in advance, according to ports of an Ethernet switch, classifying virtual local area 
network (vlan) with one vlan for each port, and linking one port to the host; and 

making access authentication for a host which wants to join in a multicast group, 

if the authentication is unsuccessful, ending, 

otherwise: 

forwarding an Internet Group Management Protocol (IGMP) 
Membership Report message from the host by the Ethernet switch, the 
forwarding comprising: 

if the port corresponding to the destination Media Access 

Control (MAC)address in the IGMP Membership Report message 
is found in the forwarding table, forwarding to the found port, 

otherwise forwarding to all ports, the IGMP Membership 
Report message being forwarded to the multicast router port 
carries with vlan ID of the host; and 

detecting whether to accept the host joining in the multicast group. 
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if accepting is detected: 

generating a Join message to control establishing of 
an entry in a forwarding table of the Ethernet switch by a 
multicast router, and 

forwarding a multicast flow from the multicast 
router according to the current forwarding table by the 
Ethemet switch, 

otherwise ending. 
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